pulumi-aws-native-kotlin/com.pulumi.awsnative.networkfirewall.kotlin.outputs

Package-level declarations

Types

data class FirewallPolicy(val policyVariables: FirewallPolicyPolicyVariablesProperties? = null, val statefulDefaultActions: List<String>? = null, val statefulEngineOptions: FirewallPolicyStatefulEngineOptions? = null, val statefulRuleGroupReferences: List<FirewallPolicyStatefulRuleGroupReference>? = null, val statelessCustomActions: List<FirewallPolicyCustomAction>? = null, val statelessDefaultActions: List<String>, val statelessFragmentDefaultActions: List<String>, val statelessRuleGroupReferences: List<FirewallPolicyStatelessRuleGroupReference>? = null, val tlsInspectionConfigurationArn: String? = null)

FirewallPolicyActionDefinition

data class FirewallPolicyActionDefinition(val publishMetricAction: FirewallPolicyPublishMetricAction? = null)

FirewallPolicyCustomAction

data class FirewallPolicyCustomAction(val actionDefinition: FirewallPolicyActionDefinition, val actionName: String)

FirewallPolicyDimension

data class FirewallPolicyDimension(val value: String)

FirewallPolicyIpSet

data class FirewallPolicyIpSet(val definition: List<String>? = null)

FirewallPolicyPolicyVariablesProperties

data class FirewallPolicyPolicyVariablesProperties(val ruleVariables: Map<String, FirewallPolicyIpSet>? = null)

Contains variables that you can use to override default Suricata settings in your firewall policy.

FirewallPolicyPublishMetricAction

data class FirewallPolicyPublishMetricAction(val dimensions: List<FirewallPolicyDimension>)

FirewallPolicyStatefulEngineOptions

data class FirewallPolicyStatefulEngineOptions(val ruleOrder: FirewallPolicyRuleOrder? = null, val streamExceptionPolicy: FirewallPolicyStreamExceptionPolicy? = null)

FirewallPolicyStatefulRuleGroupOverride

data class FirewallPolicyStatefulRuleGroupOverride(val action: FirewallPolicyOverrideAction? = null)

FirewallPolicyStatefulRuleGroupReference

data class FirewallPolicyStatefulRuleGroupReference(val override: FirewallPolicyStatefulRuleGroupOverride? = null, val priority: Int? = null, val resourceArn: String)

FirewallPolicyStatelessRuleGroupReference

data class FirewallPolicyStatelessRuleGroupReference(val priority: Int, val resourceArn: String)

FirewallSubnetMapping

data class FirewallSubnetMapping(val ipAddressType: String? = null, val subnetId: String)

GetFirewallPolicyResult

data class GetFirewallPolicyResult(val description: String? = null, val firewallPolicy: FirewallPolicy? = null, val firewallPolicyArn: String? = null, val firewallPolicyId: String? = null, val tags: List<Tag>? = null)

GetFirewallResult

data class GetFirewallResult(val deleteProtection: Boolean? = null, val description: String? = null, val endpointIds: List<String>? = null, val firewallArn: String? = null, val firewallId: String? = null, val firewallPolicyArn: String? = null, val firewallPolicyChangeProtection: Boolean? = null, val subnetChangeProtection: Boolean? = null, val subnetMappings: List<FirewallSubnetMapping>? = null, val tags: List<Tag>? = null)

GetLoggingConfigurationResult

data class GetLoggingConfigurationResult(val loggingConfiguration: LoggingConfiguration? = null)

GetRuleGroupResult

data class GetRuleGroupResult(val description: String? = null, val ruleGroup: RuleGroup? = null, val ruleGroupArn: String? = null, val ruleGroupId: String? = null, val tags: List<Tag>? = null)

GetTlsInspectionConfigurationResult

data class GetTlsInspectionConfigurationResult(val description: String? = null, val tags: List<Tag>? = null, val tlsInspectionConfiguration: TlsInspectionConfigurationTlsInspectionConfiguration? = null, val tlsInspectionConfigurationArn: String? = null, val tlsInspectionConfigurationId: String? = null)

LoggingConfiguration

data class LoggingConfiguration(val logDestinationConfigs: List<LoggingConfigurationLogDestinationConfig>)

LoggingConfigurationLogDestinationConfig

data class LoggingConfigurationLogDestinationConfig(val logDestination: Map<String, String>, val logDestinationType: LoggingConfigurationLogDestinationConfigLogDestinationType, val logType: LoggingConfigurationLogDestinationConfigLogType)

RuleGroup

data class RuleGroup(val referenceSets: RuleGroupReferenceSets? = null, val ruleVariables: RuleGroupRuleVariables? = null, val rulesSource: RuleGroupRulesSource, val statefulRuleOptions: RuleGroupStatefulRuleOptions? = null)

RuleGroupActionDefinition

data class RuleGroupActionDefinition(val publishMetricAction: RuleGroupPublishMetricAction? = null)

RuleGroupAddress

data class RuleGroupAddress(val addressDefinition: String)

RuleGroupCustomAction

data class RuleGroupCustomAction(val actionDefinition: RuleGroupActionDefinition, val actionName: String)

RuleGroupDimension

data class RuleGroupDimension(val value: String)

RuleGroupHeader

data class RuleGroupHeader(val destination: String, val destinationPort: String, val direction: RuleGroupHeaderDirection, val protocol: RuleGroupHeaderProtocol, val source: String, val sourcePort: String)

RuleGroupIpSet

data class RuleGroupIpSet(val definition: List<String>? = null)

RuleGroupIpSetReference

data class RuleGroupIpSetReference(val referenceArn: String? = null)

RuleGroupMatchAttributes

data class RuleGroupMatchAttributes(val destinationPorts: List<RuleGroupPortRange>? = null, val destinations: List<RuleGroupAddress>? = null, val protocols: List<Int>? = null, val sourcePorts: List<RuleGroupPortRange>? = null, val sources: List<RuleGroupAddress>? = null, val tcpFlags: List<RuleGroupTcpFlagField>? = null)

RuleGroupPortRange

data class RuleGroupPortRange(val fromPort: Int, val toPort: Int)

RuleGroupPortSet

data class RuleGroupPortSet(val definition: List<String>? = null)

RuleGroupPublishMetricAction

data class RuleGroupPublishMetricAction(val dimensions: List<RuleGroupDimension>)

RuleGroupReferenceSets

data class RuleGroupReferenceSets(val ipSetReferences: Map<String, RuleGroupIpSetReference>? = null)

RuleGroupRuleDefinition

data class RuleGroupRuleDefinition(val actions: List<String>, val matchAttributes: RuleGroupMatchAttributes)

RuleGroupRuleOption

data class RuleGroupRuleOption(val keyword: String, val settings: List<String>? = null)

RuleGroupRulesSource

data class RuleGroupRulesSource(val rulesSourceList: RuleGroupRulesSourceList? = null, val rulesString: String? = null, val statefulRules: List<RuleGroupStatefulRule>? = null, val statelessRulesAndCustomActions: RuleGroupStatelessRulesAndCustomActions? = null)

RuleGroupRulesSourceList

data class RuleGroupRulesSourceList(val generatedRulesType: RuleGroupGeneratedRulesType, val targetTypes: List<RuleGroupTargetType>, val targets: List<String>)

RuleGroupRuleVariables

data class RuleGroupRuleVariables(val ipSets: Map<String, RuleGroupIpSet>? = null, val portSets: Map<String, RuleGroupPortSet>? = null)

RuleGroupStatefulRule

data class RuleGroupStatefulRule(val action: RuleGroupStatefulRuleAction, val header: RuleGroupHeader, val ruleOptions: List<RuleGroupRuleOption>)

RuleGroupStatefulRuleOptions

data class RuleGroupStatefulRuleOptions(val ruleOrder: RuleGroupRuleOrder? = null)

RuleGroupStatelessRule

data class RuleGroupStatelessRule(val priority: Int, val ruleDefinition: RuleGroupRuleDefinition)

RuleGroupStatelessRulesAndCustomActions

data class RuleGroupStatelessRulesAndCustomActions(val customActions: List<RuleGroupCustomAction>? = null, val statelessRules: List<RuleGroupStatelessRule>)

RuleGroupTcpFlagField

data class RuleGroupTcpFlagField(val flags: List<RuleGroupTcpFlag>, val masks: List<RuleGroupTcpFlag>? = null)

TlsInspectionConfigurationAddress

data class TlsInspectionConfigurationAddress(val addressDefinition: String)

TlsInspectionConfigurationPortRange

data class TlsInspectionConfigurationPortRange(val fromPort: Int, val toPort: Int)

TlsInspectionConfigurationServerCertificate

data class TlsInspectionConfigurationServerCertificate(val resourceArn: String? = null)

TlsInspectionConfigurationServerCertificateConfiguration

data class TlsInspectionConfigurationServerCertificateConfiguration(val certificateAuthorityArn: String? = null, val checkCertificateRevocationStatus: TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties? = null, val scopes: List<TlsInspectionConfigurationServerCertificateScope>? = null, val serverCertificates: List<TlsInspectionConfigurationServerCertificate>? = null)

TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties

data class TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties(val revokedStatusAction: TlsInspectionConfigurationRevokedStatusAction? = null, val unknownStatusAction: TlsInspectionConfigurationUnknownStatusAction? = null)

When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a CertificateAuthorityArn in ServerCertificateConfiguration .

TlsInspectionConfigurationServerCertificateScope

data class TlsInspectionConfigurationServerCertificateScope(val destinationPorts: List<TlsInspectionConfigurationPortRange>? = null, val destinations: List<TlsInspectionConfigurationAddress>? = null, val protocols: List<Int>? = null, val sourcePorts: List<TlsInspectionConfigurationPortRange>? = null, val sources: List<TlsInspectionConfigurationAddress>? = null)

TlsInspectionConfigurationTlsInspectionConfiguration

data class TlsInspectionConfigurationTlsInspectionConfiguration(val serverCertificateConfigurations: List<TlsInspectionConfigurationServerCertificateConfiguration>? = null)